AICRIER_2
OPEN FEED
YOU ARE VIEWING ONE ITEM FROM THE AICRIER FEED

gVisor on Raspbian needs VA_BITS_48

AICrier tracks AI developer news across Product Hunt, GitHub, Hacker News, YouTube, X, arXiv, and more. This page keeps the article you opened front and center while giving you a path into the live feed.

EXPLORE LATEST FEEDSEE FEATURED PICKS

// WHAT AICRIER DOES

7+

TRACKED FEEDS

24/7

SCRAPED FEED

Short summaries, external links, screenshots, relevance scoring, tags, and featured picks for AI builders.

gVisor on Raspbian needs VA_BITS_48
OPEN LINK ↗
// 75d agoTUTORIAL

gVisor on Raspbian needs VA_BITS_48

ANNOUNCEMENTPRODUCT

Nubificus shows why gVisor fails on Raspberry Pi OS Bookworm by default: the kernel is built with 39-bit virtual addressing, which starves gVisor’s userspace kernel memory layout. The post walks through verification, reproducing the failure, and rebuilding the Pi kernel with 48-bit VA support so runsc works reliably.

// ANALYSIS

This is a practical infra debugging guide that turns an obscure kernel panic into a repeatable fix for edge container security.

  • Root cause is explicit: `CONFIG_ARM64_VA_BITS_39=y` on Raspbian vs `VA_BITS_48` on Ubuntu ARM kernels.
  • It maps the failure to real symptoms (`cannot allocate memory in static TLS block`) instead of hand-wavy “gVisor doesn’t work.”
  • The guide includes end-to-end steps: check kernel config, install `runsc`, test with `nerdctl`, rebuild kernel, and verify after reboot.
  • For teams running untrusted or LLM-generated workloads on Pi-class hardware, this closes a critical sandboxing gap.
// TAGS
gvisoropen-sourceself-hosteddevtoolcloud

DISCOVERED

75d ago

2026-03-13

PUBLISHED

76d ago

2026-03-13

RELEVANCE

6/ 10

AUTHOR

_ananos_